use modern shell syntax and fix various warnings

This unifies the codestyle across all shell scripts, and fixes many warnings reported through shellcheck. Additionally, it improves readability for everyone wishing to see what is actually going on.
2025-02-05 14:08:29 +00:00 · 2021-08-20 14:19:03 +00:00 · 2021-08-20 14:19:03 +00:00 · f47b320a4a
commit f47b320a4a
parent 27ed048374
6 changed files with 129 additions and 134 deletions
--- a/connect_to_openvpn_with_token.sh
+++ b/connect_to_openvpn_with_token.sh
@ -20,24 +20,23 @@
 # SOFTWARE.

 # This function allows you to check if the required tools have been installed.
-function check_tool() {
+check_tool() {
  cmd=$1
-  if ! command -v "$cmd" &>/dev/null
-  then
+  if ! command -v "$cmd" >/dev/null; then
    echo "$cmd could not be found"
    echo "Please install $cmd"
    exit 1
  fi
 }
-# Now we call the function to make sure we can use wg-quick, curl and jq.
+# Now we call the function to make sure we can use openvpn, curl and jq.
+check_tool openvpn
 check_tool curl
 check_tool jq
-check_tool openvpn

 # Check if terminal allows output, if yes, define colors for output
-if test -t 1; then
+if [[ -t 1 ]]; then
  ncolors=$(tput colors)
-  if test -n "$ncolors" && test "$ncolors" -ge 8; then
+  if [[ -n $ncolors && $ncolors -ge 8 ]]; then
    GREEN='\033[0;32m'
    RED='\033[0;31m'
    NC='\033[0m' # No Color
@ -51,16 +50,16 @@ fi
 # Check if manual PIA OpenVPN connection is already initialized.
 # Multi-hop is out of the scope of this repo, but you should be able to
 # get multi-hop running with both OpenVPN and WireGuard.
-adapter_check="$( ip a s tun06 2>&1 )"
+adapter_check=$( ip a s tun06 2>&1 )
 should_read="Device \"tun06\" does not exist"
 pid_filepath="/opt/piavpn-manual/pia_pid"
-if [[ "$adapter_check" != *"$should_read"* ]]; then
+if [[ $adapter_check != *"$should_read"* ]]; then
  echo -e ${RED}The tun06 adapter already exists, that interface is required
  echo -e for this configuration.${NC}
-  if [ -f "$pid_filepath" ]; then
-    old_pid="$( cat "$pid_filepath" )"
-    old_pid_name="$( ps -p "$old_pid" -o comm= )"
-    if [[ $old_pid_name == 'openvpn' ]]; then
+  if [[ -f $pid_filepath ]]; then
+    old_pid=$( cat "$pid_filepath" )
+    old_pid_name=$( ps -p "$old_pid" -o comm= )
+    if [[ $old_pid_name == "openvpn" ]]; then
      echo
      echo -e It seems likely that process ${RED}"$old_pid"${NC} is an OpenVPN connection
      echo that was established by using this script. Unless it is closed
@ -99,10 +98,10 @@ then
 fi

 # Check if the mandatory environment variables are set.
-if [[ ! $OVPN_SERVER_IP ||
-  ! $OVPN_HOSTNAME ||
-  ! $PIA_TOKEN ||
-  ! $CONNECTION_SETTINGS ]]; then
+if [[ -z $OVPN_SERVER_IP ||
+      -z $OVPN_HOSTNAME ||
+      -z $PIA_TOKEN ||
+      -z $CONNECTION_SETTINGS ]]; then
  echo -e ${RED}'This script requires 4 env vars:'
  echo 'PIA_TOKEN           - the token used for authentication'
  echo 'OVPN_SERVER_IP      - IP that you want to connect to'
@ -138,8 +137,8 @@ echo -e "${GREEN}OK!${NC}"
 IFS='_'
 read -ra connection_settings <<< "$CONNECTION_SETTINGS"
 IFS=' '
-protocol="${connection_settings[1]}"
-encryption="${connection_settings[2]}"
+protocol=${connection_settings[1]}
+encryption=${connection_settings[2]}

 prefix_filepath="openvpn_config/standard.ovpn"
 if [[ $encryption == "strong" ]]; then
@ -161,12 +160,12 @@ else
 fi

 # Create the OpenVPN config based on the settings specified
-cat $prefix_filepath > /opt/piavpn-manual/pia.ovpn || exit 1
-echo remote "$OVPN_SERVER_IP" $port "$protocol" >> /opt/piavpn-manual/pia.ovpn
+cat "$prefix_filepath" > /opt/piavpn-manual/pia.ovpn || exit 1
+echo "remote $OVPN_SERVER_IP $port $protocol" >> /opt/piavpn-manual/pia.ovpn

 # Copy the up/down scripts to /opt/piavpn-manual/
 # based upon use of PIA DNS
-if [ "$PIA_DNS" != true ]; then
+if [[ $PIA_DNS != "true" ]]; then
  cp openvpn_config/openvpn_up.sh /opt/piavpn-manual/
  cp openvpn_config/openvpn_down.sh /opt/piavpn-manual/
  echo -e ${RED}This configuration will not use PIA DNS.${NC}
@ -201,8 +200,7 @@ Confirming OpenVPN connection state..."
 # Manually adjust the connection_wait_time if needed
 connection_wait_time=10
 confirmation="Initialization Sequence Complete"
-for (( timeout=0; timeout <= connection_wait_time; timeout++ ))
-do
+for (( timeout=0; timeout <= connection_wait_time; timeout++ )); do
  sleep 1
  if grep -q "$confirmation" /opt/piavpn-manual/debug_info; then
    connected=true
@ -210,11 +208,11 @@ do
  fi
 done

-ovpn_pid="$( cat /opt/piavpn-manual/pia_pid )"
-gateway_ip="$( cat /opt/piavpn-manual/route_info )"
+ovpn_pid=$( cat /opt/piavpn-manual/pia_pid )
+gateway_ip=$( cat /opt/piavpn-manual/route_info )

 # Report and exit if connection was not initialized within 10 seconds.
-if [ "$connected" != true ]; then
+if [[ $connected != "true" ]]; then
  echo -e "${RED}The VPN connection was not established within 10 seconds.${NC}"
  kill "$ovpn_pid"
  exit 1
@ -234,7 +232,7 @@ To disconnect the VPN, run:
 "

 # This section will stop the script if PIA_PF is not set to "true".
-if [ "$PIA_PF" != true ]; then
+if [[ $PIA_PF != "true" ]]; then
  echo If you want to also enable port forwarding, you can start the script:
  echo -e $ ${GREEN}PIA_TOKEN="$PIA_TOKEN" \
    PF_GATEWAY="$gateway_ip" \
--- a/connect_to_wireguard_with_token.sh
+++ b/connect_to_wireguard_with_token.sh
@ -20,10 +20,9 @@
 # SOFTWARE.

 # This function allows you to check if the required tools have been installed.
-function check_tool() {
+check_tool() {
  cmd=$1
-  if ! command -v "$cmd" &>/dev/null
-  then
+  if ! command -v "$cmd" >/dev/null; then
    echo "$cmd could not be found"
    echo "Please install $cmd"
    exit 1
@ -35,9 +34,9 @@ check_tool curl
 check_tool jq

 # Check if terminal allows output, if yes, define colors for output
-if test -t 1; then
+if [[ -t 1 ]]; then
  ncolors=$(tput colors)
-  if test -n "$ncolors" && test "$ncolors" -ge 8; then
+  if [[ -n $ncolors && $ncolors -ge 8 ]]; then
    GREEN='\033[0;32m'
    RED='\033[0;31m'
    NC='\033[0m' # No Color
@ -62,7 +61,9 @@ then
 fi

 # Check if the mandatory environment variables are set.
-if [[ ! $WG_SERVER_IP || ! $WG_HOSTNAME || ! $PIA_TOKEN ]]; then
+if [[ -z $WG_SERVER_IP ||
+      -z $WG_HOSTNAME ||
+      -z $PIA_TOKEN ]]; then
  echo -e ${RED}This script requires 3 env vars:
  echo WG_SERVER_IP - IP that you want to connect to
  echo WG_HOSTNAME  - name of the server, required for ssl
@ -80,9 +81,9 @@ if [[ ! $WG_SERVER_IP || ! $WG_HOSTNAME || ! $PIA_TOKEN ]]; then
 fi

 # Create ephemeral wireguard keys, that we don't need to save to disk.
-privKey="$(wg genkey)"
+privKey=$(wg genkey)
 export privKey
-pubKey="$( echo "$privKey" | wg pubkey)"
+pubKey=$( echo "$privKey" | wg pubkey)
 export pubKey

 # Authenticate via the PIA WireGuard RESTful API.
@ -101,7 +102,7 @@ wireguard_json="$(curl -s -G \
 export wireguard_json

 # Check if the API returned OK and stop this script if it didn't.
-if [ "$(echo "$wireguard_json" | jq -r '.status')" != "OK" ]; then
+if [[ $(echo "$wireguard_json" | jq -r '.status') != "OK" ]]; then
  >&2 echo -e "${RED}Server did not return OK. Stopping now.${NC}"
  exit 1
 fi
@ -120,8 +121,8 @@ echo
 # This uses a PersistentKeepalive of 25 seconds to keep the NAT active
 # on firewalls. You can remove that line if your network does not
 # require it.
-if [ "$PIA_DNS" == true ]; then
-  dnsServer="$(echo "$wireguard_json" | jq -r '.dns_servers[0]')"
+if [[ $PIA_DNS == "true" ]]; then
+  dnsServer=$(echo "$wireguard_json" | jq -r '.dns_servers[0]')
  echo "Trying to set up DNS to $dnsServer. In case you do not have resolvconf,"
  echo "this operation will fail and you will not get a VPN. If you have issues,"
  echo "start this script without PIA_DNS."
@ -161,7 +162,7 @@ To disconnect the VPN, run:
 "

 # This section will stop the script if PIA_PF is not set to "true".
-if [ "$PIA_PF" != true ]; then
+if [[ $PIA_PF != "true" ]]; then
  echo If you want to also enable port forwarding, you can start the script:
  echo -e $ ${GREEN}PIA_TOKEN="$PIA_TOKEN" \
    PF_GATEWAY="$WG_SERVER_IP" \
--- a/get_region.sh
+++ b/get_region.sh
@ -20,10 +20,9 @@
 # SOFTWARE.

 # This function allows you to check if the required tools have been installed.
-function check_tool() {
+check_tool() {
  cmd=$1
-  if ! command -v "$cmd" &>/dev/null
-  then
+  if ! command -v "$cmd" >/dev/null; then
    echo "$cmd could not be found"
    echo "Please install $cmd"
    exit 1
@ -34,7 +33,7 @@ check_tool curl
 check_tool jq

 # If the server list has less than 1000 characters, it means curl failed.
-function check_all_region_data() {
+check_all_region_data() {
  echo
  echo -n "Getting the server list..."

@ -52,11 +51,11 @@ function check_all_region_data() {

 # Get all data for the selected region
 # Exit with code 1 if the REGION_ID provided is invalid
-function get_selected_region_data() {
+get_selected_region_data() {
  regionData="$( echo "$all_region_data" |
  jq --arg REGION_ID "$selectedRegion" -r \
  '.regions[] | select(.id==$REGION_ID)')"
-  if [[ ! $regionData ]]; then
+  if [[ -z $regionData ]]; then
    echo -e "${RED}The REGION_ID $selectedRegion is not valid.${NC}
    "
    exit 1
@ -64,9 +63,9 @@ function get_selected_region_data() {
 }

 # Check if terminal allows output, if yes, define colors for output
-if test -t 1; then
+if [[ -t 1 ]]; then
  ncolors=$(tput colors)
-  if test -n "$ncolors" && test "$ncolors" -ge 8; then
+  if [[ -n $ncolors && $ncolors -ge 8 ]]; then
    GREEN='\033[0;32m'
    RED='\033[0;31m'
    NC='\033[0m' # No Color
@ -101,16 +100,16 @@ serverlist_url='https://serverlist.piaservers.net/vpninfo/servers/v6'
 # It will print a human-readable message to stderr,
 # and it will print the variables to stdout
 printServerLatency() {
-  serverIP="$1"
-  regionID="$2"
+  serverIP=$1
+  regionID=$2
  regionName="$(echo "${@:3}" |
    sed 's/ false//' | sed 's/true/(geo)/')"
  time=$(LC_NUMERIC=en_US.utf8 curl -o /dev/null -s \
    --connect-timeout "$MAX_LATENCY" \
    --write-out "%{time_connect}" \
-    http://"$serverIP":443)
-  if [ $? -eq 0 ]; then
-    >&2 echo Got latency "${time}"s for region: "$regionName"
+    "http://$serverIP:443")
+  if [[ $? -eq 0 ]]; then
+    >&2 echo "Got latency ${time}s for region: $regionName"
    echo "$time $regionID $serverIP"
    # Write a list of servers with acceptable latency
    # to /opt/piavpn-manual/latencyList
@ -122,10 +121,10 @@ printServerLatency() {
 export -f printServerLatency

 # If a server location or autoconnect isn't specified, set the variable to false/no.
-if [[ -z "$PREFERRED_REGION" ]]; then
+if [[ -z $PREFERRED_REGION ]]; then
  PREFERRED_REGION=none
 fi
-if [[ -z "$VPN_PROTOCOL" ]]; then
+if [[ -z $VPN_PROTOCOL ]]; then
  VPN_PROTOCOL=no
 fi

@ -141,7 +140,7 @@ if [[ $selectedRegion == "none" ]]; then
  check_all_region_data

  # Making sure this variable doesn't contain some strange string
-  if [ "$PIA_PF" != true ]; then
+  if [[ $PIA_PF != "true" ]]; then
    PIA_PF="false"
  fi

@ -165,8 +164,8 @@ if [[ $selectedRegion == "none" ]]; then
    sort | head -1 | awk '{ print $2 }')"
  echo

-  if [ -z "$selectedRegion" ]; then
-    echo -e ${RED}No region responded within "${MAX_LATENCY}"s, consider using a higher timeout.
+  if [[ -z $selectedRegion ]]; then
+    echo -e "${RED}No region responded within ${MAX_LATENCY}s, consider using a higher timeout."
    echo For example, to wait 1 second for each region, inject MAX_LATENCY=1 like this:
    echo -e $ MAX_LATENCY=1 ./get_region.sh${NC}
    exit 1
@ -182,14 +181,14 @@ fi

 get_selected_region_data

-bestServer_meta_IP="$(echo "$regionData" | jq -r '.servers.meta[0].ip')"
-bestServer_meta_hostname="$(echo "$regionData" | jq -r '.servers.meta[0].cn')"
-bestServer_WG_IP="$(echo "$regionData" | jq -r '.servers.wg[0].ip')"
-bestServer_WG_hostname="$(echo "$regionData" | jq -r '.servers.wg[0].cn')"
-bestServer_OT_IP="$(echo "$regionData" | jq -r '.servers.ovpntcp[0].ip')"
-bestServer_OT_hostname="$(echo "$regionData" | jq -r '.servers.ovpntcp[0].cn')"
-bestServer_OU_IP="$(echo "$regionData" | jq -r '.servers.ovpnudp[0].ip')"
-bestServer_OU_hostname="$(echo "$regionData" | jq -r '.servers.ovpnudp[0].cn')"
+bestServer_meta_IP=$(echo "$regionData" | jq -r '.servers.meta[0].ip')
+bestServer_meta_hostname=$(echo "$regionData" | jq -r '.servers.meta[0].cn')
+bestServer_WG_IP=$(echo "$regionData" | jq -r '.servers.wg[0].ip')
+bestServer_WG_hostname=$(echo "$regionData" | jq -r '.servers.wg[0].cn')
+bestServer_OT_IP=$(echo "$regionData" | jq -r '.servers.ovpntcp[0].ip')
+bestServer_OT_hostname=$(echo "$regionData" | jq -r '.servers.ovpntcp[0].cn')
+bestServer_OU_IP=$(echo "$regionData" | jq -r '.servers.ovpnudp[0].ip')
+bestServer_OU_hostname=$(echo "$regionData" | jq -r '.servers.ovpnudp[0].cn')


 if [[ $VPN_PROTOCOL == "no" ]]; then
@ -232,7 +231,7 @@ else
 fi

 # Connect with WireGuard and clear authentication token file and latencyList
-if [[ $VPN_PROTOCOL == wireguard ]]; then
+if [[ $VPN_PROTOCOL == "wireguard" ]]; then
  echo The ./get_region.sh script got started with
  echo -e ${GREEN}VPN_PROTOCOL=wireguard${NC}, so we will automatically connect to WireGuard,
  echo by running this command:
--- a/get_token.sh
+++ b/get_token.sh
@ -20,29 +20,27 @@
 # SOFTWARE.

 # This function allows you to check if the required tools have been installed.
-function check_tool() {
+check_tool() {
  cmd=$1
-  if ! command -v "$cmd" &>/dev/null
-  then
+  if ! command -v "$cmd" >/dev/null; then
    echo "$cmd could not be found"
    echo "Please install $cmd"
    exit 1
  fi
 }
-
-# This function creates a timestamp, to use for setting $TOKEN_EXPIRATION
-function timeout_timestamp() {
-  date +"%c" --date='1 day' # Timestamp 24 hours
-}
-
 # Now we call the function to make sure we can use curl and jq.
 check_tool curl
 check_tool jq

+# This function creates a timestamp, to use for setting $TOKEN_EXPIRATION
+timeout_timestamp() {
+  date +"%c" --date='1 day' # Timestamp 24 hours
+}
+
 # Check if terminal allows output, if yes, define colors for output
-if test -t 1; then
+if [[ -t 1 ]]; then
  ncolors=$(tput colors)
-  if test -n "$ncolors" && test "$ncolors" -ge 8; then
+  if [[ -n $ncolors && $ncolors -ge 8 ]]; then
    GREEN='\033[0;32m'
    RED='\033[0;31m'
    NC='\033[0m' # No Color
@ -61,7 +59,7 @@ fi

 mkdir -p /opt/piavpn-manual

-if [[ ! $PIA_USER || ! $PIA_PASS ]]; then
+if [[ -z $PIA_USER || -z $PIA_PASS ]]; then
  echo If you want this script to automatically get a token from the Meta
  echo service, please add the variables PIA_USER and PIA_PASS. Example:
  echo $ PIA_USER=p0123456 PIA_PASS=xxx ./get_token.sh
@ -75,7 +73,7 @@ echo -n "Checking login credentials..."
 generateTokenResponse=$(curl -s -u "$PIA_USER:$PIA_PASS" \
  "https://privateinternetaccess.com/gtoken/generateToken")

-if [ "$(echo "$generateTokenResponse" | jq -r '.status')" != "OK" ]; then
+if [[ $(echo "$generateTokenResponse" | jq -r '.status') != "OK" ]]; then
  echo
  echo
  echo -e "${RED}Could not authenticate with the login credentials provided!${NC}"
@ -87,9 +85,9 @@ echo -e ${GREEN}OK!
 echo
 token=$(echo "$generateTokenResponse" | jq -r '.token')
 tokenExpiration=$(timeout_timestamp)
-echo -e PIA_TOKEN="$token"${NC}
+echo -e "PIA_TOKEN=$token${NC}"
 echo "$token" > /opt/piavpn-manual/token || exit 1
 echo "$tokenExpiration" >> /opt/piavpn-manual/token
 echo
-echo This token will expire in 24 hours, on "$tokenExpiration".
+echo "This token will expire in 24 hours, on $tokenExpiration."
 echo
--- a/port_forwarding.sh
+++ b/port_forwarding.sh
@ -20,21 +20,20 @@
 # SOFTWARE.

 # This function allows you to check if the required tools have been installed.
-function check_tool() {
+check_tool() {
  cmd=$1
-  if ! command -v "$cmd" &>/dev/null
-  then
+  if ! command -v "$cmd" >/dev/null; then
    echo "$cmd could not be found"
    echo "Please install $cmd"
    exit 1
  fi
 }
-# Now we call the function to make sure we can use wg-quick, curl and jq.
+# Now we call the function to make sure we can use curl and jq.
 check_tool curl
 check_tool jq

 # Check if the mandatory environment variables are set.
-if [[ ! $PF_GATEWAY || ! $PIA_TOKEN || ! $PF_HOSTNAME ]]; then
+if [[ -z $PF_GATEWAY || -z $PIA_TOKEN || -z $PF_HOSTNAME ]]; then
  echo This script requires 3 env vars:
  echo PF_GATEWAY  - the IP of your gateway
  echo PF_HOSTNAME - name of the host used for SSL/TLS certificate verification
@ -48,9 +47,9 @@ exit 1
 fi

 # Check if terminal allows output, if yes, define colors for output
-if test -t 1; then
+if [[ -t 1 ]]; then
  ncolors=$(tput colors)
-  if test -n "$ncolors" && test "$ncolors" -ge 8; then
+  if [[ -n $ncolors && $ncolors -ge 8 ]]; then
    GREEN='\033[0;32m'
    RED='\033[0;31m'
    NC='\033[0m' # No Color
@ -81,7 +80,7 @@ fi
 # If you already have a signature, and you would like to re-use that port,
 # save the payload_and_signature received from your previous request
 # in the env var PAYLOAD_AND_SIGNATURE, and that will be used instead.
-if [[ ! $PAYLOAD_AND_SIGNATURE ]]; then
+if [[ -z $PAYLOAD_AND_SIGNATURE ]]; then
  echo
  echo -n "Getting new signature... "
  payload_and_signature="$(curl -s -m 5 \
@ -90,14 +89,14 @@ if [[ ! $PAYLOAD_AND_SIGNATURE ]]; then
    -G --data-urlencode "token=${PIA_TOKEN}" \
    "https://${PF_HOSTNAME}:19999/getSignature")"
 else
-  payload_and_signature="$PAYLOAD_AND_SIGNATURE"
+  payload_and_signature=$PAYLOAD_AND_SIGNATURE
  echo -n "Checking the payload_and_signature from the env var... "
 fi
 export payload_and_signature

 # Check if the payload and the signature are OK.
 # If they are not OK, just stop the script.
-if [ "$(echo "$payload_and_signature" | jq -r '.status')" != "OK" ]; then
+if [[ $(echo "$payload_and_signature" | jq -r '.status') != "OK" ]]; then
  echo -e "${RED}The payload_and_signature variable does not contain an OK status.${NC}"
  exit 1
 fi
@ -105,18 +104,18 @@ echo -e "${GREEN}OK!${NC}"

 # We need to get the signature out of the previous response.
 # The signature will allow the us to bind the port on the server.
-signature="$(echo "$payload_and_signature" | jq -r '.signature')"
+signature=$(echo "$payload_and_signature" | jq -r '.signature')

 # The payload has a base64 format. We need to extract it from the
 # previous response and also get the following information out:
 # - port: This is the port you got access to
 # - expires_at: this is the date+time when the port expires
-payload="$(echo "$payload_and_signature" | jq -r '.payload')"
-port="$(echo "$payload" | base64 -d | jq -r '.port')"
+payload=$(echo "$payload_and_signature" | jq -r '.payload')
+port=$(echo "$payload" | base64 -d | jq -r '.port')

 # The port normally expires after 2 months. If you consider
 # 2 months is not enough for your setup, please open a ticket.
-expires_at="$(echo "$payload" | base64 -d | jq -r '.expires_at')"
+expires_at=$(echo "$payload" | base64 -d | jq -r '.expires_at')

 echo -ne "
 Signature ${GREEN}$signature${NC}
@ -142,7 +141,7 @@ while true; do
    # If port did not bind, just exit the script.
    # This script will exit in 2 months, since the port will expire.
    export bind_port_response
-    if [ "$(echo "$bind_port_response" | jq -r '.status')" != "OK" ]; then
+    if [[ $(echo "$bind_port_response" | jq -r '.status') != "OK" ]]; then
      echo -e "${RED}The API did not return OK when trying to bind port... Exiting."
      exit 1
    fi
--- a/run_setup.sh
+++ b/run_setup.sh
@ -20,9 +20,9 @@
 # SOFTWARE.

 # Check if terminal allows output, if yes, define colors for output
-if test -t 1; then
+if [[ -t 1 ]]; then
  ncolors=$(tput colors)
-  if test -n "$ncolors" && test "$ncolors" -ge 8; then
+  if [[ -n $ncolors && $ncolors -ge 8 ]]; then
    GREEN='\033[0;32m'
    RED='\033[0;31m'
    NC='\033[0m' # No Color
@ -52,13 +52,13 @@ while :; do
      # Check for in-line definition of $PIA_USER
      if [[ ! $PIA_USER || $PIA_USER = "" ]]; then
        echo
-        read -rp "PIA username (p#######): " PIA_USER
+        read -r -p "PIA username (p#######): " PIA_USER
      fi

      # Confirm format of PIA_USER input
-      unPrefix="${PIA_USER:0:1}"
-      unSuffix="${PIA_USER:1}"
-      if [[ -z "$PIA_USER" ]]; then
+      unPrefix=${PIA_USER:0:1}
+      unSuffix=${PIA_USER:1}
+      if [[ -z $PIA_USER ]]; then
        echo -e "\n${RED}You must provide input.${NC}"
      elif [[ ${#PIA_USER} != 8 ]]; then
        echo -e "\n${RED}A PIA username is always 8 characters long.${NC}"
@ -79,12 +79,12 @@ while :; do
    if [[ ! $PIA_PASS || $PIA_PASS = "" ]]; then
      echo
      echo -n "PIA password: "
-      read -rs PIA_PASS
+      read -r -s PIA_PASS
      echo
    fi

    # Confirm format of PIA_PASS input
-    if [[ -z "$PIA_PASS" ]]; then
+    if [[ -z $PIA_PASS ]]; then
      echo -e "\n${RED}You must provide input.${NC}"
    elif [[ ${#PIA_PASS} -lt 8 ]]; then
      echo -e "\n${RED}A PIA password is always a minimum of 8 characters long.${NC}"
@ -102,8 +102,8 @@ while :; do

  tokenLocation="/opt/piavpn-manual/token"
  # If the script failed to generate an authentication token, the script will exit early.
-  if [ ! -f "$tokenLocation" ]; then
-    read -pr "Do you want to try again ([N]o/[y]es): " tryAgain
+  if [[ ! -f $tokenLocation ]]; then
+    read -r -p "Do you want to try again ([N]o/[y]es): " tryAgain
    if ! echo "${tryAgain:0:1}" | grep -iq y; then
      exit 1
    fi
@ -160,7 +160,7 @@ fi

 # Input validation and check for conflicting declarations of AUTOCONNECT and PREFERRED_REGION
 # If both variables are set, AUTOCONNECT has superiority and PREFERRED_REGION is ignored
-if [[ ! $AUTOCONNECT ]]; then
+if [[ -z $AUTOCONNECT ]]; then
  echo AUTOCONNECT was not declared.
  echo
  selectServer="ask"
@ -179,7 +179,7 @@ else
    echo -e "Updated ${GREEN}AUTOCONNECT=$AUTOCONNECT${NC}"
    echo
  fi
-  if [[ ! $PREFERRED_REGION ]]; then
+  if [[ -z $PREFERRED_REGION ]]; then
    echo -e "${GREEN}AUTOCONNECT=true${NC}"
    echo
  else
@ -196,7 +196,7 @@ fi
 while :; do
  if [[ ! $PREFERRED_REGION || $PREFERRED_REGION = "" ]]; then
    # If autoconnect is not set, prompt the user to specify a server or auto-connect to the lowest latency
-    if [[ $selectServer = "ask" ]]; then
+    if [[ $selectServer == "ask" ]]; then
      echo -n "Do you want to manually select a server, instead of auto-connecting to the
 server with the lowest latency ([N]o/[y]es): "
      read -r selectServer
@ -230,9 +230,9 @@ For example, you can try 0.2 for 200ms allowed latency.
        customLatency=0
        customLatency+=$latencyInput

-        if [[ -z "$latencyInput" ]]; then
+        if [[ -z $latencyInput ]]; then
          break
-        elif [[ $latencyInput = 0 ]]; then
+        elif [[ $latencyInput == 0 ]]; then
          echo -e "${RED}Latency input must not be zero.${NC}\n"
        elif ! [[ $customLatency =~ $floatCheck ]]; then
          echo -e "${RED}Latency input must be numeric.${NC}\n"
@ -254,7 +254,7 @@ For example, you can try 0.2 for 200ms allowed latency.
      export VPN_PROTOCOL
      VPN_PROTOCOL=no ./get_region.sh

-      if [ -s /opt/piavpn-manual/latencyList ]; then
+      if [[ -s /opt/piavpn-manual/latencyList ]]; then
        # Output the ordered list of servers that meet the latency specification $MAX_LATENCY
        echo -e "Ordered list of servers with latency less than ${GREEN}$MAX_LATENCY${NC} seconds:"
        i=0
@ -275,8 +275,8 @@ For example, you can try 0.2 for 200ms allowed latency.

        # Receive input to specify the server to connect to manually
        while :; do
-          read -pr "Input the number of the server you want to connect to ([1]-[$i]) : "  serverSelection
-            if [[ -z "$serverSelection" ]]; then
+          read -r -p "Input the number of the server you want to connect to ([1]-[$i]) : " serverSelection
+            if [[ -z $serverSelection ]]; then
              echo -e "\n${RED}You must provide input.${NC}\n"
            elif ! [[ $serverSelection =~ $intCheck ]]; then
              echo -e "\n${RED}You must enter a number.${NC}\n"
@ -316,7 +316,7 @@ For example, you can try 0.2 for 200ms allowed latency.
  fi
 done

-if [[ ! $VPN_PROTOCOL ]]; then
+if [[ -z $VPN_PROTOCOL ]]; then
  VPN_PROTOCOL="none"
 fi
 # This section asks for user connection preferences
@ -362,7 +362,7 @@ ${NC}"

 # Check for the required presence of resolvconf for setting DNS on wireguard connections
 setDNS="yes"
-if ! command -v resolvconf &>/dev/null && [ "$VPN_PROTOCOL" == wireguard ]; then
+if ! command -v resolvconf &>/dev/null && [[ $VPN_PROTOCOL == "wireguard" ]]; then
  echo -e ${RED}The resolvconf package could not be found.
  echo This script can not set DNS for you and you will
  echo -e need to invoke DNS protection some other way.${NC}
@ -382,7 +382,7 @@ if [[ $setDNS = "yes" ]]; then
      PIA_DNS="false"
    fi
  fi
-elif [[ $PIA_DNS != "true" || $setDNS = "no" ]];then
+elif [[ $PIA_DNS != "true" || $setDNS == "no" ]]; then
  PIA_DNS="false"
 fi
 export PIA_DNS